General

  • Target

    uwu

  • Size

    67KB

  • Sample

    240329-rhwxpaah47

  • MD5

    e2c0087a8d7edad6939f1efe86bb2dac

  • SHA1

    525c654eef355967e0ac47dafa4f342ef32620bb

  • SHA256

    a42173b4d058ebda774351df66b96aa6a4fdcb89ed52f1ac3d2e5da6d0f72b36

  • SHA512

    fa05baa6758fb4af3375d635224a2a369b02bc55458117a28395c331e49121663986196b404b9e00ccbeb00e8c900702e073b43ddb5ee512c64b7ed69c02cfb8

  • SSDEEP

    1536:Ioq6yT/EtIwEVgi+kEYW5zutt1nZj6l9ebewCVab8r:DM/jSiMYWwzZEEyT

Score
10/10

Malware Config

Extracted

Family

mirai

C2

maintained.abadila.best

Targets

    • Target

      uwu

    Score
    8/10
    • Modifies password files for system users/groups

      Modifies files storing password hashes of existing users/groups, likely to grant additional privileges.

    • Changes its process name

    • Deletes itself

    • Modifies sudoers policy

      Adds/modifies rule files for sudoers policy, likely to grant additional privileges.

    • Adds a user to the system

    • Creates/modifies environment variables

      Creating/modifying environment variables is a common persistence mechanism.

    • Modifies Bash startup script
